Saturday, July 28

How to Enter DFU Mode Without Home or Power Button [Tutorial]

So a friend of mine wanted me to jailbreak his iPhone the other day, and I ran into an issue I had not personally dealt with before. His home button wasn't functioning properly: you could click it, but if you tried to hold it down it would not register as being held, so I could not enter DFU mode.
This is a major issue, since most jailbreak tools these days require you to enter DFU mode as part of the process (the exception being JailbreakMe, of course). Fortunately, there is a way to modify an iOS firmware file so that restoring your device with it causes the device to go into a DFU mode loop, which lets you use pre-jailbroken custom firmware tools like Sn0wbreeze and PwnageTool.
Step 1: Download the most recent iOS firmware file for your device.
Step 2: Change the file extension of the firmware file from .ipsw to .zip and extract it to a folder with whatever zip program you use.
Step 3: Inside the folder where you extracted the firmware file, navigate to the Firmware/all_flash folder.
Step 4: Inside the all_flash folder you will see another folder; mine is called "all_flash.n90ap.production", yours may have a slightly different name depending on which device and firmware you are using.
Step 5: Inside this folder you will see a file named "applelogo.xxx.img3"; the "xxx" part will again vary depending on your device and firmware. Copy this file so that you have the original file and a copy, as in the image below.
Step 6: Now that you have the original applelogo file and the copy, find the file called "LLB.n90ap.RELEASE.img3" (once again, the sequence of letters and numbers after the LLB part will vary for each firmware and device). Once you have located the file, go into rename mode and copy the whole filename including the extension. With the filename copied, you can delete the LLB file.
Step 7: Now rename the COPY of the applelogo file and paste in the LLB filename. You should now have two exact copies of the applelogo file with two different filenames.
Step 8: Next, zip the contents of the folder back up and change the extension from .zip back to .ipsw (make sure you zip the contents of the folder and not the folder itself, so the paths inside the archive stay the same).
Step 9: Connect your iDevice to your computer and, in iTunes, hold down Shift (Windows) or Option (Mac) and click the "Restore" button. Select the modified .ipsw file that you just zipped back up.
Step 10: After iTunes finishes restoring this modified firmware file, iTunes will report an error; your device will now be in DFU mode, and you will be able to enter Pwned DFU mode using iREB, PwnageTool or redsn0w to restore a custom pre-jailbroken firmware.
This process essentially invalidates the boot chain, since the LLB file in the restored firmware is not the real LLB but a renamed copy of the applelogo image. The device refuses to boot the bogus LLB, and that is what causes it to drop into DFU mode.
If you have any questions or comments, please feel free to post them below (make sure to include the device and firmware you are using).
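The file-level transform of steps 5 to 8 (copy the applelogo img3 over the LLB entry and re-zip with the same root-relative paths), as an added Python example that is not part of the original post. The sample IPSW it builds is a constructed stand-in with placeholder device name and dummy contents; the check only confirms the archive was rewritten as the steps describe, not that any device will accept it.

```python
import io
import re
import zipfile

# Entry-name patterns for the bootloader and boot-logo images under
# Firmware/all_flash/all_flash.<device>.production/ (device part varies per IPSW).
LLB_RE = re.compile(r"^Firmware/all_flash/all_flash\.[^/]+\.production/LLB\.[^/]+\.img3$")
LOGO_RE = re.compile(r"^Firmware/all_flash/all_flash\.[^/]+\.production/applelogo\.[^/]+\.img3$")


def replace_llb_with_logo(ipsw_bytes: bytes) -> tuple[bytes, str, str]:
    """Return (new_ipsw_bytes, llb_name, logo_name): the LLB entry is rewritten
    with the applelogo entry's bytes, every other entry is copied unchanged.
    Entry names are kept as-is, so the result matches 'zip the contents,
    not the folder' from step 8."""
    src = zipfile.ZipFile(io.BytesIO(ipsw_bytes))
    llb = [n for n in src.namelist() if LLB_RE.match(n)]
    logo = [n for n in src.namelist() if LOGO_RE.match(n)]
    if len(llb) != 1 or len(logo) != 1:
        raise ValueError(f"expected one LLB and one applelogo img3, got {llb} / {logo}")
    logo_data = src.read(logo[0])
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():
            data = logo_data if info.filename == llb[0] else src.read(info)
            dst.writestr(info.filename, data)
    return out.getvalue(), llb[0], logo[0]


def build_sample_ipsw() -> bytes:
    """Constructed stand-in for a real IPSW: same directory layout, dummy bytes."""
    buf = io.BytesIO()
    base = "Firmware/all_flash/all_flash.n90ap.production/"  # placeholder device
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("BuildManifest.plist", b"<plist/>")
        z.writestr(base + "applelogo.n90ap.img3", b"3gmILOGO-dummy")
        z.writestr(base + "LLB.n90ap.RELEASE.img3", b"3gmILLB-dummy")
        z.writestr(base + "iBoot.n90ap.RELEASE.img3", b"3gmIIBOOT-dummy")
    return buf.getvalue()


def verify(original: bytes, modified: bytes) -> bool:
    """True iff the two archives have the same entries, only LLB differs,
    and LLB in the modified archive equals the original applelogo image."""
    a = zipfile.ZipFile(io.BytesIO(original))
    b = zipfile.ZipFile(io.BytesIO(modified))
    if a.namelist() != b.namelist():
        return False
    llb = next(n for n in a.namelist() if LLB_RE.match(n))
    logo = next(n for n in a.namelist() if LOGO_RE.match(n))
    for n in a.namelist():
        expected = a.read(logo) if n == llb else a.read(n)
        if b.read(n) != expected:
            return False
    return b.read(llb) != a.read(llb)
```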
1 comment:

1. Nice tutorial. By the way, I always enter DFU mode to recover my lost data. Maybe this guide is useful.